LFT (Layer Four Traceroute) is a sort of "traceroute" that often works much faster than the commonly used Van Jacobson method and goes through many configurations of packet-filter based firewalls. More importantly, LFT implements numerous other features, including TCP, UDP, or ICMP-based traces, AS number lookups through several reliable sources, loose source routing, netblock name lookups, and more. LFT also distinguishes between layer-4 protocols, which makes its statistics slightly more realistic, and gives a savvy user the ability to trace protocol routes, not just layer-3 hops.
WebJob downloads a program over HTTP/HTTPS and executes it in one unified operation. The output, if any, may be directed to stdout/stderr or a WebJob server. WebJob may be useful in incident response and intrusion analysis as it provides a mechanism to run known good diagnostic programs on a potentially compromised system. WebJob also provides a framework that is conducive to centralized management. Therefore, it can support and help automate a large number of common administrative tasks and host-based monitoring scenarios.
SURVIVOR is yet another systems monitor. It consists of a POSIX-thread based scheduler written in C++ running arbitrary checks in a flexible, heterogeneous, bureaucratic, and convoluted environment. It maintains proper state, history, sanity, and attitude, and allows interaction via Web, command, and two-way messaging interfaces.
Cammgr manages a collection of web cameras. It will bring cameras online or offline, and initiate or suspend image capture operations. Any camera can be controlled provided a driver is available. Cammgr supports multiple images per camera, default images for inactive cameras, per-user/host/camera notifications, and an easy-to-use configuration file. It can scan Apache log files to auto-initiate image capture, and tune capture frequency to the minimum needed to ensure that clients receive a new image on request.
skill sends signals to processes given any combination of user names, ttys, commands, and pids. snice changes the priority of processes (given the same). They are similar to kill(1) and renice(8), but the command line is order-independent. There are also verbose, search, and interactive modes of operation.
FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.
Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and grids. It is based on a hierarchical design targeted at federations of clusters. Ganglia is currently in use on over 500 clusters around the world and has scaled to handle clusters with 2000 nodes.